On 1/25/23 13:27, Sid Manning wrote:
> On 7.2 VA to PA mappings are not consistent:
>
> Thread 10 "vp" hit Breakpoint 1, tlb_add_large_page (env=0xeb7ac0,
> mmu_idx=0x2, vaddr=0xffffff809977f000, size=0x1000) at
> ../../../../../../src/qemu/accel/tcg/cputlb.c:1090
> tlb_set_page_full: vaddr=ffffff809977f000 paddr=0x0000000f35f32000 prot=3 idx=2
>
> Thread 14 "vp" hit Breakpoint 1, tlb_add_large_page (env=0xf185e0, mmu_idx=0x2,
> vaddr=0xffffff809977f000, size=0x1000) at
> ../../../../../../src/qemu/accel/tcg/cputlb.c:1090
> tlb_set_page_full: vaddr=ffffff809977f000 paddr=0x0000000f42a16000 prot=3 idx=2
>
> Using the monitor to view the memory I see that on 7.2 the first entry appears
> to be accurate.
>
> xp /2x 0x0000000f35f32018
> 0000000f35f32018: 0x9977eff0 0xffffff80
>
> And the second is not:
>
> xp /2x 0x0000000f42a16018
> 0000000f42a16018: 0x00000000 0x00000000
>
> 7.2 is calling arm_cpu_tlb_fill more often now and I don't know if that is
> related to the problem I'm seeing or a natural result of the changes made to
> S1_ptw_translate between the releases.
Well, there are more calls to tlb_fill, since we're now also using tlb_fill for the stage2
translation, and for the translation tables themselves. It's possible that there's a bug
in the stage2 tlb flushing that wouldn't have been visible before (and also not visible
from the monitor, since that avoids tlb_fill entirely).

While it would still be handier to have a test case, the next best thing may be for me to
add some tracepoints within ptw.c. I'll work on that later today or tomorrow.
r~
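As an added example (not from either poster or from the QEMU tree), a small checker for the kind of inconsistency Sid's two tlb_set_page_full lines show: it groups the debug output by (mmu_idx, vaddr) and reports any vaddr that got filled with more than one paddr, which narrows down where the extra tlb_fill calls Richard mentions are producing stale translations. The trace lines are a constructed sample built from the two lines quoted above; a legitimate guest remap also produces a conflict, so hits are candidates to inspect, not proof of a bug.

```python
import re
from collections import defaultdict

# Constructed sample: the two tlb_set_page_full lines from the report, plus two
# extra lines (a different vaddr, and the same vaddr under another mmu_idx) that
# must NOT be reported as conflicts.
SAMPLE_TRACE = """\
tlb_set_page_full: vaddr=ffffff809977f000 paddr=0x0000000f35f32000 prot=3 idx=2
tlb_set_page_full: vaddr=ffffff80a0000000 paddr=0x0000000f40000000 prot=3 idx=2
tlb_set_page_full: vaddr=ffffff809977f000 paddr=0x0000000f42a16000 prot=3 idx=2
tlb_set_page_full: vaddr=ffffff809977f000 paddr=0x0000000f35f32000 prot=3 idx=0
"""

# vaddr is printed without 0x, paddr with it; accept both forms for each field.
LINE_RE = re.compile(
    r"tlb_set_page_full: vaddr=(?:0x)?([0-9a-fA-F]+) paddr=(?:0x)?([0-9a-fA-F]+) "
    r"prot=(\d+) idx=(\d+)"
)


def parse_trace(text):
    """Yield (mmu_idx, vaddr, paddr, prot) for every tlb_set_page_full line."""
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if m:
            vaddr, paddr, prot, idx = m.groups()
            yield int(idx), int(vaddr, 16), int(paddr, 16), int(prot)


def find_conflicts(text):
    """Map (mmu_idx, vaddr) -> sorted distinct paddrs, for pairs that were
    filled with more than one physical address during the trace."""
    seen = defaultdict(set)
    for idx, vaddr, paddr, _prot in parse_trace(text):
        seen[(idx, vaddr)].add(paddr)
    return {key: sorted(paddrs) for key, paddrs in seen.items() if len(paddrs) > 1}


if __name__ == "__main__":
    for (idx, vaddr), paddrs in find_conflicts(SAMPLE_TRACE).items():
        print(f"idx={idx} vaddr={vaddr:#018x} -> "
              + ", ".join(f"{p:#018x}" for p in paddrs))
```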